author | D. V. Serg <dvserg@pfsense.org> | 2008-01-15 14:10:39 +0000 |
---|---|---|
committer | D. V. Serg <dvserg@pfsense.org> | 2008-01-15 14:10:39 +0000 |
commit | a031b26d14d2be697aceaec4a296fd550c97d92e (patch) | |
tree | 9bd3e55d91d0d6db4fbe034b8a96ff73d3bbb08e | |
parent | a0a3fbe2cfa209bf2f66dcfa1e8fa300f4a2541f (diff) | |
Bugfix 1 - url validate
-rw-r--r-- | packages/squidGuard/squidguard.inc | 26 | ||||
-rw-r--r-- | packages/squidGuard/squidguard_configurator.inc | 11 |
2 files changed, 33 insertions, 4 deletions
diff --git a/packages/squidGuard/squidguard.inc b/packages/squidGuard/squidguard.inc index cb7d4938..f7866965 100644 --- a/packages/squidGuard/squidguard.inc +++ b/packages/squidGuard/squidguard.inc @@ -103,6 +103,8 @@ define('WEBGUI_HISTORY_LOG', 'on'); define('TEST_LOG', '/var/tmp/sqtest.test'); +define('ERRVALIDATE_REDIRECT', "Redirect must contains valid data. Example: 'http://www.my.com', 'https://my.com', Error_Code<space>Reason, blank, blank_img"); + # ============================================================================== # Initialization # ============================================================================== @@ -193,6 +195,28 @@ function squidguard_validate_acl($post, $input_errors) { if (empty($pass_over_val)) $post[FLD_DEST] = "$pass_up_val"; else $post[FLD_DEST] = "$pass_up_val [$pass_over_val]"; + + // check redirect + $redirect = trim($post[FLD_REDIRECT]); + if(!empty($redirect)) { + // cut first redirect url, if entered more that one + $redirect = explode("\n", $redirect); + $redirect = $redirect[0]; + $post[FLD_REDIRECT] = $redirect; + if (is_url($redirect) === false) + $input_errors[] = "Redirect '$redirect' error. " . ERRVALIDATE_REDIRECT; + } + + // check overredirect + $redirect = trim($post[FLD_OVERREDIRECT]); + if(!empty($redirect)) { + // cut first redirect url, if entered more that one + $redirect = explode("\n", $redirect); + $redirect = $redirect[0]; + $post[FLD_OVERREDIRECT] = $redirect; + if (is_url($redirect) === false) + $input_errors[] = "Overtime redirect '$redirect' error. " . ERRVALIDATE_REDIRECT; + } } # ------------------------------------------------------------------------------ 
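Review bot: In both blocks added to squidguard_validate_acl the value is trimmed before `explode("\n", ...)`, so when several lines are submitted with CRLF line endings the first element still ends in a carriage return, and that is what gets written back to `$post[FLD_REDIRECT]` and `$post[FLD_OVERREDIRECT]`. Trimming after the split avoids this: `$redirect = trim($redirect[0]);`. The context lines of the squidguard_validate_destination hunk show the same pattern. The raw value is also interpolated into the `$input_errors` text, so it should go through `htmlspecialchars()` unless the page that prints input errors already escapes them, which is not visible here. The function begins outside the hunk.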
@@ -282,7 +306,7 @@ function squidguard_validate_destination($post, $input_errors) { $redirect = $redirect[0]; $post[FLD_REDIRECT] = $redirect; if (is_url($redirect) === false) - $input_errors[] = "Redirect must contains valid url. Example: 'http://www.my.com', 'https://my.com', 'ftp://my.com'"; + $input_errors[] = "Redirect '$redirect' error. " . ERRVALIDATE_REDIRECT; } } diff --git a/packages/squidGuard/squidguard_configurator.inc b/packages/squidGuard/squidguard_configurator.inc index db751a95..041f5c14 100644 --- a/packages/squidGuard/squidguard_configurator.inc +++ b/packages/squidGuard/squidguard_configurator.inc @@ -827,7 +827,12 @@ function sg_redirector_base_url($url) { // Attention: // order arg's must be: first-URL, last-SG variables // SG have bug, what broke data after his var's - $rdr_path = $rdr_path . "?url=" . rawurlencode($url) . REDIRECT_URL_ARGS; + $tmp_url = ltrim($url); + // not need encoded url string. only err_code line + if (eregi("^https{0,1}://", $tmp_url) === false) + $tmp_url = rawurlencode($tmp_url); + $rdr_path = $rdr_path . "?url=" . $tmp_url . REDIRECT_URL_ARGS; // rawurlencode($tmp_url) . REDIRECT_URL_ARGS; + unset($tmp_url); sg_addlog("sg_redirector_base_url: select redirector base url ($rdr_path)"); return $rdr_path; @@ -1583,7 +1588,7 @@ function scan_dir($dir) { return $files; } # ------------------------------------------------------------------------------ -# is_url - build files listing for $dir +# is_url - check url an err_codes # ------------------------------------------------------------------------------ function is_url($url) { if (empty($url)) return false; 
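Review bot: In the sg_redirector_base_url hunk a value that starts with http:// or https:// is now appended to `?url=` with no encoding at all, so `&`, `#` or whitespace in the configured URL become part of the redirector's own query string and can cut off or override what REDIRECT_URL_ARGS appends, which the comment above says must come last. is_url() only checks the scheme prefix for such values, so nothing earlier rejects these characters. If the redirector cannot accept a fully encoded URL, encode at least the delimiters, for example `$tmp_url = str_replace(array('&', '#', ' '), array('%26', '%23', '%20'), $tmp_url);`, or reject them during validation. The leftover `// rawurlencode($tmp_url) . REDIRECT_URL_ARGS;` at the end of the assignment line should be removed. The function starts outside the hunk.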
@@ -1591,7 +1596,7 @@ function is_url($url) { if (eregi("^https://", $url)) return true; if (strstr("blank", $url)) return true; if (strstr("blank_img", $url)) return true; - if (eregi("^([0-9]{3})", $url)) return true; // http error code 403, 404, 410, etc. + if (eregi("^((30[1235]{1})|(40[0-9]{1})|(41[0-7]{1})|(50[0-5]{1}))", $url)) return true; // http error code 30x, 4xx, 50x. return false; } # ------------------------------------------------------------------------------ |
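Review bot: The new status-code pattern in is_url is anchored only at the start, so any string that merely begins with an accepted code still validates, whatever follows it. ERRVALIDATE_REDIRECT describes the format as a code, a space and a reason, which `^(30[1235]|40[0-9]|41[0-7]|50[0-5])( |$)` would enforce. The two unchanged `strstr("blank", $url)` and `strstr("blank_img", $url)` lines have haystack and needle swapped, so any substring of those words, such as a single letter, is accepted as valid; `if ($url === 'blank' || $url === 'blank_img') return true;` states the intent. The first lines of is_url are in the preceding hunk.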